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DETAILED ACTION 
Response to Amendment 

1 . Applicant's amendment filed 27 July 2007 amends claims 1-7, 10-19, 22-3 1 , and 34-36. 
Claims 8, 9, 20, 21, 32, 33, and 37-39 have been cancelled. 

Response to Arguments 

2. In response to applicant's argument that the references fail to show certain features of 
applicant's invention, it is noted that the features upon which applicant relies (i.e., the server 
does not obtain the password from a user to generate a first hash) are not recited in the rejected 
claim(s). Although the claims are interpreted in light of the specification, limitations from the 
specification are not read into the claims. See In re Van Geuns, 988 F.2d 1 1 8 1 , 26 
USPQ2d 1057 (Fed. Cir. 1993). 

Claim Rejections - 35 USC §102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed- 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the. United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

4. Claims 1 5 2, 13, 14, 25, 26 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Peyravian, U.S. Publication No. 2004/0158715. Referring to claims 1, 13, 25, Peyravian 
discloses an authentication system between parties communicating over a SSL tunnel (Abstract 
& [0016]), which meets the limitation of establishing a tunnel between an authenticator in the 
network and a device, the tunnel using a tunnel protocol. The communicating parties include a 
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client and server wherein each have a public/private key pair ([0023] & [0025]) and a shared 
secret ([0022]), which meets the limitation of the authenticator having a first public key, the 
device having a second secret and a second public key. The client concatenates the public key of 
the client, the public key of the server, and a random number ([0038] & [0040]), which is then 
hashed by the client and transmitted to the server ([0040]), which meets the limitation of 
generating a first hash for transmission to the device, the first hash generated using a secret 
obtained from a user, the first public key, the second public key and a random number generated 
from the tunnel protocol. The server receives the hash that is generated by the client, generates a 
second hash for comparison with the hash received from the client ([0041]), which meets the 
limitation of comparing the first hash with a second hash, wherein the second hash is generated 
at the device. If the hashes match, the server has authenticated the client for communications 
with the server ([0041]-[0042]), which meets the limitation of upon determining that the first 
hash matches the second hash, establishing an authenticated session between the device and the 
authenticator. 

Referring to claims 2, 14, 26, Peyravian discloses that the second hash is generated by 
concatenating the public key of the client, the public key of the server, the shared secret, and the 
random number ([0038] & [0041]), which is then hashed [0041]), which meets the limitation of 
generating the second hash at the device using the first public key, the second public key, the 
second secret, and the random number generated from the tunnel protocol. 

Claim Rejections - 35 USC § 103 
5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 
(1966), that are applied for establishing a background for determining obviousness under 35 
U.S.C. 103(a) are summarized as follows: . 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating obviousness 
or nonobviousness. 

7. Claims 6, 7, 10, 18, 19, 22, 30, 31, 34, 40 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Peyravian, U.S. Publication No. 2004/0158715. Referring to claims 6, 7, 18, 

1 9, 30, 3 1 , Peyravian discloses that if the hashes match, the server has authenticated the client for 
communications with the server ([0041]-[0042]), which meets the limitation of determining if a 
hash value of the second public key matches a hash value obtained from the device. A secret is 
shared between the two parties ([0022]), which meets the limitation of receiving the secret 
obtained from the user. Peyravian does not disclose that the client or server include a display for 
displaying the hashes and shared secret. However, it would have been obvious to one of ordinary 
skill in the art at the time the invention was made to improve the client machines and server 
machines of Peyravian by adding displays to the respective machines, which would allow 
viewing of data on the machines. One of ordinary skill in the art would have capable of applying 
a display to the client/server machines and such an application would have predictable provided 
a means of viewing data resident on the machines. 
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Referring to claims 10, 22, 34, Peyravian discloses that the password is transmitted such 
that it need be manually entered into the respective machine ([0033]), which meets the limitation 
of enabling the user to provide the secret. Peyravian does not disclose that the client or server 
include a display for displaying the hashes and shared secret. However, it would have been 
obvious to one of ordinary skill in the art at the time the invention was made to improve the 
client machines and server machines of Peyravian by adding displays to the respective machines, 
which would allow viewing of data on the machines. One of ordinary skill in the art would have 
capable of applying a display to the client/server machines and such an application would have 
predictable provided a means of viewing data resident on the machines. 

Referring to claim 40, Peyravian discloses an authentication system between parties 
communicating over a SSL tunnel (Abstract & [0016]), which meets the limitation of 
establishing a tunnel between an authenticator in the network and a device, the tunnel using a 
tunnel protocol. The communicating parties include a client and server wherein each have a 
public/private key pair ([0023] & [0025]) and a shared secret ([0022]), which meets the 
limitation of the authenticator having a first public key, the device having a second secretand a. 
second public key. The client concatenates the public key of the client, the public key of the 
server, and a random number ([0038] & [0040]), which is then hashed by the client and 
transmitted to the server ([0040]), which meets the limitation of generating a first hash for 
transmission to the device, the first hash generated using a secret obtained from a user, the first 
public key, the second public key and a random number generated from the tunnel protocol. The 
server receives the hash that is generated by the client, generates a second hash for comparison 
with the hash received from the client ([0041]), which meets the limitation of comparing the first 
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hash with a second hash, wherein the second hash is generated at the device. If the hashes match, 
the server has authenticated the client for communications with the server ([004 0042]), 
which meets the limitation of upon determining that the first hash matches the second hash, 
establishing an authenticated session between the device and the authenticator. The client and 
server are machines ([0016]), which meets the limitation of memory, a processor configured to 
connect the product to a secure network. Peyravian does not disclose that the client or server 
include a display for displaying the hashes and shared secret. However, it would have been 
obvious to one of ordinary skill in the art at the time the invention was made to improve the 
client machines and server machines of Peyravian by adding displays to the respective machines, 
which would allow viewing of data on the machines. One of ordinary skill in the art would have 
capable of applying a display to the client/server machines and such an application would have 
predictable provided a means of viewing data resident on the machines. 
8. Claims 3-5, 11, 12, 15-17, 23, 24, 27-29, 35, 36 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Peyravian, U.S. Publication No. 2004/0158715, in view of Schneier. 
Referring to claims 3, 15, 27, Peyravian discloses an authentication system between parties 
wherein hashes are calculated, and compared for the purposes of authentication ([0038]-[0042]). 
Peyravian does not disclose that the hashes are included in a message that is encrypted with the 
public key of the receiver. However, it would have been obvious to one of ordinary skill in the 
art at the time the invention was made to include the generated hashes in a message thai is 
encrypted for transmission to a receiver using the public key of the receiver in order to provide a 
means of privacy for the communications that is lacking without encryption as taught by 
Schneier (Pages 39 & 41). 
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Referring to claims 4, 16, 28, Peyravian discloses an authentication system between 
parties wherein hashes are calculated, and compared for the purposes of authentication ([0038]- 
[0042]). Peyravian does not disclose that the hashes are included in a message, digitally signed, 
and encrypted with the public key of the receiver. Schneier discloses encrypting a hash with the 
private key of the sender to create a digital signature (Page 38), including the hash in a message, 
which is encrypted with the public key of the receiver for transmission (Page 38 & 41) ; which 
meets the limitation of signing the message with the first private key to generate a digital 
signature. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to include the generated hashes in a message that is digitally signed and encrypted for 
transmission to a receiver using the public key of the receiver in order to provide a means of 
privacy for the communications that is lacking without encryption, along with providing a means 
for authenticating the message as taught by Schneier (Pages 39 & 41). 

Referring to claims 5, 17, 29, Peyravian discloses an authentication system between 
parties wherein hashes are calculated, and compared for the purposes of authentication ([0038]- 
[0042]). Peyravian does not disclose that the hashes are included in a message, digitally signed, 
and encrypted with the public key of the receiver. Schneier discloses encrypting a hash with the 
private key of the sender to create a digital signature (Page 38), including the hash in a message, 
which is encrypted with the public key of the receiver for transmission (Page 38 & 41). Upon 
receipt by the receiver, the message is decrypted using the private key of the receiver, and the 
digital signature is verified using the public key of the sender (Page 41), which meets the 
limitation of checking the digital signature using a first public key, and decrypting the message 
using the second private key. It would have been obvious to one of ordinary skill in the art at the 
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time the invention was made to include the generated hashes in a message that is digitally signed 
and encrypted for transmission to a receiver using the public key of the receiver in order to 
provide a means of privacy for the communications that is lacking without encryption, along 
with providing a means for authenticating the message as taught by Schneier (Pages 39 & 41). 

Referring to claims 11,12, 23, 24, 35, 36, Peyravian does not disclose 
determining/placing whether a public key is on a credential list. Schneier discloses utilizing a 
certificate authority list to store information about public keys (Page 186), which meets the 
limitation of determining if the second public key is on the first credential list, determining if the 
first public key is on the second credential list, placing the first public key in the second 
credential list, and placing the second public key in the first credential list. It would have been 
obvious to one of ordinary skill in the art at the time the invention was made to utilizing a 
certification authority certificate list in Peyravian in order to determine which public keys have 
expired or been compromised as taught by Schneier (Page 1 86). 

9. Claims 41-44 are rejected under 35 U.S.C. 103(a) as being unpatentable over Peyravian, 
U.S. Publication No. 2004/015871 5, in view of Palekar, U.S. Publication No. 2003/022601 7. 
Referring to claims 41-44, Peyravian does not specify any specific type of client/server 
machines. However, it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to implement the client/server machines of Peyravian using one of the finite 
number of embodiments used in the similar system of Palekar ([0031]) because use of any one of 
the finite number of machines described in Palekar as the machines in Peyravian would not 
effect the solution to the problem solved in Peyravian. 

Conclusion 
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1 0. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Benjamih E. Lanier whose telephone number is 571-272-3805. 
The examiner can normally be reached on M-Th 7:30am-5 :00pm, F 7:30am-4pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




